Unrated severityNVD Advisory· Published Aug 13, 2007· Updated Apr 23, 2026

CVE-2007-2956

Description

Stack-based buffer overflow in the readRadianceHeader function in (1) src/fileformat/rgbeio.cpp in pfstools 1.6.2 and (2) src/Fileformat/rgbeio.cpp in Qtpfsgui 1.8.11 allows remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file.

Affected products

Pfstools/Pfstools
cpe:2.3:a:pfstools:pfstools:1.6.2:*:*:*:*:*:*:*
Qtpfsgui/Qtpfsgui
cpe:2.3:a:qtpfsgui:qtpfsgui:1.8.11:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

umn.dl.sourceforge.net/sourceforge/qtpfsgui/qtpfsgui-1.8.12.tar.gznvdPatch
secunia.com/advisories/26387nvdVendor Advisory
secunia.com/advisories/26388nvdVendor Advisory
secunia.com/secunia_research/2007-67/advisory/nvdVendor Advisory
secunia.com/secunia_research/2007-68/advisory/nvdVendor Advisory
pfstools.cvs.sourceforge.net/pfstools/pfstools/src/fileformat/rgbeio.cppnvd
pfstools.cvs.sourceforge.net/pfstools/pfstools/src/fileformat/rgbeio.cppnvd
secunia.com/advisories/26674nvd
www.novell.com/linux/security/advisories/2007_18_sr.htmlnvd
www.vupen.com/english/advisories/2007/2855nvd
www.vupen.com/english/advisories/2007/2856nvd
exchange.xforce.ibmcloud.com/vulnerabilities/35948nvd
exchange.xforce.ibmcloud.com/vulnerabilities/35949nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000